main detection engine ctx More...

#include <detect.h>

Collaboration diagram for DetectEngineCtx_:

[legend]

Data Fields
bool	failure_fatal

uint8_t	flags

uint8_t	mpm_matcher

MpmConfig *	mpm_cfg

uint8_t	spm_matcher

uint32_t	tenant_id

Signature *	sig_list

uint32_t	sig_cnt

uint32_t	srep_version

SRepCIDRTree *	srepCIDR_ctx

Signature **	sig_array

uint32_t	sig_array_len

uint32_t	signum

struct SCSigOrderFunc_ *	sc_sig_order_funcs

DetectEngineLookupFlow	flow_gh [FLOW_STATES]

HashListTable *	sgh_hash_table

HashListTable *	mpm_hash_table

HashListTable *	pattern_hash_table

HashListTable *	dup_sig_hash_table

DetectEngineIPOnlyCtx	io_ctx

int	inspection_recursion_limit

uint8_t	guess_applayer_log_limit

bool	guess_applayer

int	filemagic_thread_ctx_id

SpmGlobalThreadCtx *	spm_global_thread_ctx

uint16_t	max_uniq_toclient_groups

uint16_t	max_uniq_toserver_groups

uint32_t	max_fb_id

MpmCtxFactoryContainer *	mpm_ctx_factory_container

struct SigGroupHead_ **	sgh_array

uint32_t	sgh_array_cnt

uint32_t	sgh_array_size

int32_t	sgh_mpm_context_proto_tcp_packet

int32_t	sgh_mpm_context_proto_udp_packet

int32_t	sgh_mpm_context_proto_other_packet

int32_t	sgh_mpm_context_stream

int32_t	byte_extract_max_local_id

uint32_t	version

struct SigGroupHead_ *	decoder_event_sgh

uint16_t	base64_decode_max_len

int	rule_line

const char *	rule_file

const char *	sigerror

bool	sigerror_silent

bool	sigerror_ok

bool	sigerror_requires

uint8_t	sgh_mpm_ctx_cnf

int	keyword_id

HashListTable *	keyword_hash

DetectFileDataCfg *	filedata_config

struct SCProfileKeywordDetectCtx_ *	profile_keyword_ctx

struct SCProfilePrefilterDetectCtx_ *	profile_prefilter_ctx

struct SCProfileKeywordDetectCtx_ **	profile_keyword_ctx_per_list

struct SCProfileSghDetectCtx_ *	profile_sgh_ctx

uint32_t	profile_match_logging_threshold

char	config_prefix [64]

enum DetectEngineType	type

uint32_t	ref_cnt

struct DetectEngineCtx_ *	next

int	loader_id

enum DetectEnginePrefilterSetting	prefilter_setting

HashListTable *	dport_hash_table

DetectPort *	tcp_priorityports

DetectPort *	udp_priorityports

HashListTable *	address_table

HashTable *	metadata_table

HashListTable *	buffer_type_hash_name

HashListTable *	buffer_type_hash_id

uint32_t	buffer_type_id

uint32_t	app_mpms_list_cnt

DetectBufferMpmRegistry *	app_mpms_list

DetectEngineAppInspectionEngine *	app_inspect_engines

DetectEnginePktInspectionEngine *	pkt_inspect_engines

DetectBufferMpmRegistry *	pkt_mpms_list

uint32_t	pkt_mpms_list_cnt

DetectEngineFrameInspectionEngine *	frame_inspect_engines

DetectBufferMpmRegistry *	frame_mpms_list

uint32_t	frame_mpms_list_cnt

uint32_t	prefilter_id

HashListTable *	prefilter_hash_table

struct timeval	last_reload

SigFileLoaderStat	sig_stat

SCFPSupportSMList *	fp_support_smlist_list

bool *	sm_types_prefilter

bool *	sm_types_silent_error

HashTable *	class_conf_ht

pcre2_code *	class_conf_regex

pcre2_match_data *	class_conf_regex_match

HashTable *	reference_conf_ht

pcre2_code *	reference_conf_regex

pcre2_match_data *	reference_conf_regex_match

struct EngineAnalysisCtx_ *	ea

char *	tenant_path

SCDetectRequiresStatus *	requirements

uint16_t	filestore_cnt

HashTable *	non_pf_engine_names

const char *	firewall_rule_file_exclusive

SCDetectRateFilterFunc	RateFilterCallback

void *	rate_filter_callback_arg

DetectPacketHookFunc	PreStreamHook

struct SigGroupHead_ *	pre_stream_sgh [2]

DetectPacketHookFunc	PreFlowHook

struct SigGroupHead_ *	pre_flow_sgh

Detailed Description

main detection engine ctx

Definition at line 932 of file detect.h.

Field Documentation

◆ address_table

HashListTable* DetectEngineCtx_::address_table

table for storing the string representation with the parsers result

Definition at line 1072 of file detect.h.

Referenced by DetectAddressMapFree(), and DetectAddressMapInit().

◆ app_inspect_engines

DetectEngineAppInspectionEngine* DetectEngineCtx_::app_inspect_engines

Definition at line 1087 of file detect.h.

Referenced by DetectBufferToClient(), and DetectEngineAppInspectionEngine2Signature().

◆ app_mpms_list

DetectBufferMpmRegistry* DetectEngineCtx_::app_mpms_list

Definition at line 1084 of file detect.h.

Referenced by DetectAppLayerMpmRegisterByParentId(), DetectMpmInitializeAppMpms(), DetectMpmPrepareAppMpms(), and MpmStoreReportStats().

◆ app_mpms_list_cnt

uint32_t DetectEngineCtx_::app_mpms_list_cnt

Definition at line 1083 of file detect.h.

Referenced by DetectAppLayerMpmRegisterByParentId(), and DetectMpmInitializeAppMpms().

◆ base64_decode_max_len

uint16_t DetectEngineCtx_::base64_decode_max_len

Definition at line 1020 of file detect.h.

◆ buffer_type_hash_id

HashListTable* DetectEngineCtx_::buffer_type_hash_id

Definition at line 1080 of file detect.h.

Referenced by DetectEngineBufferTypeGetById(), and DetectEngineBufferTypeGetByIdTransforms().

◆ buffer_type_hash_name

HashListTable* DetectEngineCtx_::buffer_type_hash_name

Definition at line 1079 of file detect.h.

Referenced by DetectEngineBufferTypeGetByIdTransforms().

◆ buffer_type_id

uint32_t DetectEngineCtx_::buffer_type_id

Definition at line 1081 of file detect.h.

Referenced by DetectEngineBufferTypeGetByIdTransforms(), DumpPatterns(), MpmStoreReportStats(), SCProfilingKeywordDestroyCtx(), SCProfilingKeywordInitCounters(), SCProfilingKeywordThreadCleanup(), and SCProfilingKeywordThreadSetup().

◆ byte_extract_max_local_id

int32_t DetectEngineCtx_::byte_extract_max_local_id

Definition at line 1010 of file detect.h.

◆ class_conf_ht

HashTable* DetectEngineCtx_::class_conf_ht

Definition at line 1117 of file detect.h.

Referenced by SCClassConfAddClasstype(), SCClassConfDeInitContext(), and SCClassConfGetClasstype().

◆ class_conf_regex

pcre2_code* DetectEngineCtx_::class_conf_regex

Definition at line 1118 of file detect.h.

Referenced by SCClassConfAddClasstype(), SCClassConfDeinit(), and SCClassSCConfInit().

◆ class_conf_regex_match

pcre2_match_data* DetectEngineCtx_::class_conf_regex_match

Definition at line 1119 of file detect.h.

Referenced by SCClassConfAddClasstype(), SCClassConfDeinit(), and SCClassSCConfInit().

◆ config_prefix

char DetectEngineCtx_::config_prefix[64]

Definition at line 1051 of file detect.h.

Referenced by DetectEngineCtxFree(), SCRuleVarsGetConfVar(), SCThresholdConfParseFile(), SetupEngineAnalysis(), SigLoadSignatures(), and SigPrepareStage1().

◆ decoder_event_sgh

struct SigGroupHead_* DetectEngineCtx_::decoder_event_sgh

sgh for signatures that match against invalid packets. In those cases we can't lookup by proto, address, port as we don't have these

Definition at line 1017 of file detect.h.

Referenced by SigAddressCleanupStage1(), SigMatchSignaturesGetSgh(), and SigPrepareStage4().

◆ dport_hash_table

HashListTable* DetectEngineCtx_::dport_hash_table

Definition at line 1066 of file detect.h.

Referenced by DetectPortHashAdd(), DetectPortHashFree(), DetectPortHashInit(), and DetectPortHashLookup().

◆ dup_sig_hash_table

HashListTable* DetectEngineCtx_::dup_sig_hash_table

Definition at line 968 of file detect.h.

Referenced by DetectParseDupSigHashFree(), and DetectParseDupSigHashInit().

◆ ea

struct EngineAnalysisCtx_* DetectEngineCtx_::ea

Definition at line 1129 of file detect.h.

Referenced by CleanupEngineAnalysis(), DumpPatterns(), EngineAnalysisFP(), EngineAnalysisRules(), EngineAnalysisRules2(), EngineAnalysisRulesFailure(), and SetupEngineAnalysis().

◆ failure_fatal

bool DetectEngineCtx_::failure_fatal

Definition at line 933 of file detect.h.

Referenced by SigLoadSignatures(), and SRepInit().

◆ filedata_config

DetectFileDataCfg* DetectEngineCtx_::filedata_config

Definition at line 1039 of file detect.h.

Referenced by DetectEngineCtxFree().

◆ filemagic_thread_ctx_id

int DetectEngineCtx_::filemagic_thread_ctx_id

Definition at line 982 of file detect.h.

◆ filestore_cnt

uint16_t DetectEngineCtx_::filestore_cnt

Definition at line 1138 of file detect.h.

◆ firewall_rule_file_exclusive

const char* DetectEngineCtx_::firewall_rule_file_exclusive

Definition at line 1144 of file detect.h.

Referenced by SigLoadSignatures().

◆ flags

uint8_t DetectEngineCtx_::flags

only DE_QUIET

Definition at line 934 of file detect.h.

Referenced by LLVMFuzzerTestOneInput(), MpmStoreReportStats(), SignatureIsIPOnly(), SigPrepareStage1(), UTHGenericTest(), UTHPacketMatchSig(), UTHPacketMatchSigMpm(), and UTHParseSignature().

◆ flow_gh

DetectEngineLookupFlow DetectEngineCtx_::flow_gh[FLOW_STATES]

Definition at line 959 of file detect.h.

Referenced by SigAddressCleanupStage1(), SigMatchSignaturesGetSgh(), and SigPrepareStage2().

◆ fp_support_smlist_list

SCFPSupportSMList* DetectEngineCtx_::fp_support_smlist_list

Definition at line 1106 of file detect.h.

Referenced by DetectEngineFreeFastPatternList(), DetectEngineInitializeFastPatternList(), DetectEngineRegisterFastPatternForId(), FastPatternSupportEnabledForSigMatchList(), and RetrieveFPForSig().

◆ frame_inspect_engines

DetectEngineFrameInspectionEngine* DetectEngineCtx_::frame_inspect_engines

Definition at line 1091 of file detect.h.

Referenced by DetectEngineAppInspectionEngine2Signature(), and DetectEngineFrameInspectEngineRegister().

◆ frame_mpms_list

DetectBufferMpmRegistry* DetectEngineCtx_::frame_mpms_list

Definition at line 1092 of file detect.h.

Referenced by DetectEngineFrameMpmRegister(), DetectFrameMpmRegisterByParentId(), DetectMpmInitializeFrameMpms(), DetectMpmPrepareFrameMpms(), and MpmStoreReportStats().

◆ frame_mpms_list_cnt

uint32_t DetectEngineCtx_::frame_mpms_list_cnt

Definition at line 1093 of file detect.h.

Referenced by DetectEngineFrameMpmRegister(), DetectFrameMpmRegisterByParentId(), and DetectMpmInitializeFrameMpms().

◆ guess_applayer

bool DetectEngineCtx_::guess_applayer

Definition at line 979 of file detect.h.

◆ guess_applayer_log_limit

uint8_t DetectEngineCtx_::guess_applayer_log_limit

Definition at line 976 of file detect.h.

◆ inspection_recursion_limit

int DetectEngineCtx_::inspection_recursion_limit

Definition at line 973 of file detect.h.

Referenced by DetectEngineContentInspection(), and DetectEngineContentInspectionBuffer().

◆ io_ctx

DetectEngineIPOnlyCtx DetectEngineCtx_::io_ctx

Definition at line 970 of file detect.h.

Referenced by IPOnlyPrepare(), SigAddressCleanupStage1(), and SigPrepareStage2().

◆ keyword_hash

HashListTable* DetectEngineCtx_::keyword_hash

hash list of keywords that need thread local ctxs

Definition at line 1037 of file detect.h.

Referenced by DetectRegisterThreadCtxFuncs(), and DetectUnregisterThreadCtxFuncs().

◆ keyword_id

int DetectEngineCtx_::keyword_id

Definition at line 1035 of file detect.h.

Referenced by DetectRegisterThreadCtxFuncs().

◆ last_reload

struct timeval DetectEngineCtx_::last_reload

time of last ruleset reload

Definition at line 1099 of file detect.h.

Referenced by PostConfLoadedDetectSetup(), and SigLoadSignatures().

◆ loader_id

int DetectEngineCtx_::loader_id

id of loader thread 'owning' this de_ctx

Definition at line 1061 of file detect.h.

◆ max_fb_id

uint32_t DetectEngineCtx_::max_fb_id

Definition at line 994 of file detect.h.

Referenced by DetectFlowbitsAnalyze().

◆ max_uniq_toclient_groups

uint16_t DetectEngineCtx_::max_uniq_toclient_groups

Definition at line 990 of file detect.h.

◆ max_uniq_toserver_groups

uint16_t DetectEngineCtx_::max_uniq_toserver_groups

Definition at line 991 of file detect.h.

◆ metadata_table

HashTable* DetectEngineCtx_::metadata_table

table to store metadata keys and values

Definition at line 1075 of file detect.h.

Referenced by DetectMetadataHashFree(), and DetectMetadataHashInit().

◆ mpm_cfg

MpmConfig* DetectEngineCtx_::mpm_cfg

Definition at line 936 of file detect.h.

Referenced by DetectEngineCtxFree(), DetectMpmPrepareAppMpms(), DetectMpmPrepareBuiltinMpms(), DetectMpmPrepareFrameMpms(), DetectMpmPreparePktMpms(), and SigLoadSignatures().

◆ mpm_ctx_factory_container

MpmCtxFactoryContainer* DetectEngineCtx_::mpm_ctx_factory_container

Definition at line 996 of file detect.h.

Referenced by MpmFactoryDeRegisterAllMpmCtxProfiles(), MpmFactoryGetMpmCtxForProfile(), MpmFactoryIsMpmCtxAvailable(), and MpmFactoryRegisterMpmCtxProfile().

◆ mpm_hash_table

HashListTable* DetectEngineCtx_::mpm_hash_table

Definition at line 964 of file detect.h.

Referenced by MpmStoreFree(), MpmStoreInit(), and MpmStoreReportStats().

◆ mpm_matcher

uint8_t DetectEngineCtx_::mpm_matcher

mpm matcher this ctx uses

Definition at line 935 of file detect.h.

Referenced by DetectEngineCtxFree(), DetectMpmPrepareAppMpms(), DetectMpmPrepareBuiltinMpms(), DetectMpmPrepareFrameMpms(), DetectMpmPreparePktMpms(), SigLoadSignatures(), and UTHPacketMatchSigMpm().

◆ next

struct DetectEngineCtx_* DetectEngineCtx_::next

list in master: either active or freelist

Definition at line 1058 of file detect.h.

Referenced by DetectEngineClearMaster(), DetectEngineGetByTenantId(), DetectEngineGetCurrent(), DetectEngineMTApply(), and DetectEnginePruneFreeList().

◆ non_pf_engine_names

HashTable* DetectEngineCtx_::non_pf_engine_names

Definition at line 1142 of file detect.h.

Referenced by DetectEngineCtxFree().

◆ pattern_hash_table

HashListTable* DetectEngineCtx_::pattern_hash_table

Definition at line 965 of file detect.h.

Referenced by DumpPatterns(), and EngineAnalysisAddAllRulePatterns().

◆ pkt_inspect_engines

DetectEnginePktInspectionEngine* DetectEngineCtx_::pkt_inspect_engines

Definition at line 1088 of file detect.h.

Referenced by DetectEngineAppInspectionEngine2Signature().

◆ pkt_mpms_list

DetectBufferMpmRegistry* DetectEngineCtx_::pkt_mpms_list

Definition at line 1089 of file detect.h.

Referenced by DetectMpmInitializePktMpms(), DetectMpmPreparePktMpms(), DetectPktMpmRegisterByParentId(), and MpmStoreReportStats().

◆ pkt_mpms_list_cnt

uint32_t DetectEngineCtx_::pkt_mpms_list_cnt

Definition at line 1090 of file detect.h.

Referenced by DetectMpmInitializePktMpms(), and DetectPktMpmRegisterByParentId().

◆ pre_flow_sgh

struct SigGroupHead_* DetectEngineCtx_::pre_flow_sgh

pre_flow hook rule groups. Before flow we don't know a direction yet.

Definition at line 1160 of file detect.h.

Referenced by DetectPreFlow(), and SigAddressCleanupStage1().

◆ pre_stream_sgh

struct SigGroupHead_* DetectEngineCtx_::pre_stream_sgh[2]

TCP pre_stream hook rule groups. One per direction.

Definition at line 1155 of file detect.h.

Referenced by DetectPreStream(), and SigAddressCleanupStage1().

◆ prefilter_hash_table

HashListTable* DetectEngineCtx_::prefilter_hash_table

Definition at line 1096 of file detect.h.

Referenced by PrefilterDeinit(), PrefilterInit(), and SCProfilingPrefilterInitCounters().

◆ prefilter_id

uint32_t DetectEngineCtx_::prefilter_id

Definition at line 1095 of file detect.h.

Referenced by SCProfilingPrefilterInitCounters(), SCProfilingPrefilterThreadSetup(), and SCProfilingPrefilterUpdateCounter().

◆ prefilter_setting

enum DetectEnginePrefilterSetting DetectEngineCtx_::prefilter_setting

are we using just mpm or also other prefilters

Definition at line 1064 of file detect.h.

Referenced by PrefilterSetupRuleGroup().

◆ PreFlowHook

DetectPacketHookFunc DetectEngineCtx_::PreFlowHook

Definition at line 1158 of file detect.h.

◆ PreStreamHook

DetectPacketHookFunc DetectEngineCtx_::PreStreamHook

Definition at line 1153 of file detect.h.

◆ profile_keyword_ctx

struct SCProfileKeywordDetectCtx_* DetectEngineCtx_::profile_keyword_ctx

Definition at line 1045 of file detect.h.

Referenced by DetectEngineCtxFree(), SCProfilingKeywordDestroyCtx(), SCProfilingKeywordInitCounters(), and SCProfilingKeywordThreadCleanup().

◆ profile_keyword_ctx_per_list

struct SCProfileKeywordDetectCtx_** DetectEngineCtx_::profile_keyword_ctx_per_list

Definition at line 1047 of file detect.h.

Referenced by SCProfilingKeywordDestroyCtx(), and SCProfilingKeywordInitCounters().

◆ profile_match_logging_threshold

uint32_t DetectEngineCtx_::profile_match_logging_threshold

Definition at line 1049 of file detect.h.

Referenced by SigGroupBuild().

◆ profile_prefilter_ctx

struct SCProfilePrefilterDetectCtx_* DetectEngineCtx_::profile_prefilter_ctx

Definition at line 1046 of file detect.h.

Referenced by SCProfilingPrefilterDestroyCtx(), SCProfilingPrefilterInitCounters(), and SCProfilingPrefilterThreadCleanup().

◆ profile_sgh_ctx

struct SCProfileSghDetectCtx_* DetectEngineCtx_::profile_sgh_ctx

Definition at line 1048 of file detect.h.

Referenced by DetectEngineCtxFree(), SCProfilingSghDestroyCtx(), SCProfilingSghInitCounters(), and SCProfilingSghThreadCleanup().

◆ rate_filter_callback_arg

void* DetectEngineCtx_::rate_filter_callback_arg

Definition at line 1150 of file detect.h.

Referenced by DetectEngineReload(), and SCDetectEngineRegisterRateFilterCallback().

◆ RateFilterCallback

SCDetectRateFilterFunc DetectEngineCtx_::RateFilterCallback

Definition at line 1147 of file detect.h.

Referenced by DetectEngineReload(), and SCDetectEngineRegisterRateFilterCallback().

◆ ref_cnt

uint32_t DetectEngineCtx_::ref_cnt

how many de_ctx' are referencing this

Definition at line 1056 of file detect.h.

Referenced by DetectEngineClearMaster(), DetectEngineGetByTenantId(), DetectEngineGetCurrent(), DetectEnginePruneFreeList(), DetectEngineReference(), and LLVMFuzzerTestOneInput().

◆ reference_conf_ht

HashTable* DetectEngineCtx_::reference_conf_ht

Definition at line 1124 of file detect.h.

Referenced by SCRConfAddReference(), SCRConfDeInitContext(), and SCRConfGetReference().

◆ reference_conf_regex

pcre2_code* DetectEngineCtx_::reference_conf_regex

Definition at line 1125 of file detect.h.

Referenced by SCRConfAddReference(), SCReferenceConfDeinit(), and SCReferenceSCConfInit().

◆ reference_conf_regex_match

pcre2_match_data* DetectEngineCtx_::reference_conf_regex_match

Definition at line 1126 of file detect.h.

Referenced by SCRConfAddReference(), SCReferenceConfDeinit(), and SCReferenceSCConfInit().

◆ requirements

SCDetectRequiresStatus* DetectEngineCtx_::requirements

Definition at line 1135 of file detect.h.

Referenced by DetectEngineCtxFree(), and SigLoadSignatures().

◆ rule_file

const char* DetectEngineCtx_::rule_file

Definition at line 1024 of file detect.h.

Referenced by LLVMFuzzerTestOneInput().

◆ rule_line

int DetectEngineCtx_::rule_line

Store rule file and line so that parsers can use them in errors.

Definition at line 1023 of file detect.h.

◆ sc_sig_order_funcs

struct SCSigOrderFunc_* DetectEngineCtx_::sc_sig_order_funcs

Definition at line 956 of file detect.h.

Referenced by SCSigOrderSignatures(), and SCSigSignatureOrderingModuleCleanup().

◆ sgh_array

struct SigGroupHead_** DetectEngineCtx_::sgh_array

Definition at line 1000 of file detect.h.

Referenced by SigAddressCleanupStage1(), SigGroupHeadStore(), and SigPrepareStage4().

◆ sgh_array_cnt

uint32_t DetectEngineCtx_::sgh_array_cnt

Definition at line 1001 of file detect.h.

Referenced by SCProfilingSghInitCounters(), SCProfilingSghThreadSetup(), SCProfilingSghUpdateCounter(), SigAddressCleanupStage1(), SigGroupHeadStore(), and SigPrepareStage4().

◆ sgh_array_size

uint32_t DetectEngineCtx_::sgh_array_size

Definition at line 1002 of file detect.h.

Referenced by SigAddressCleanupStage1(), and SigGroupHeadStore().

◆ sgh_hash_table

HashListTable* DetectEngineCtx_::sgh_hash_table

Definition at line 962 of file detect.h.

Referenced by DetectPortHashFree(), SigGroupHeadHashAdd(), SigGroupHeadHashFree(), SigGroupHeadHashInit(), and SigGroupHeadHashLookup().

◆ sgh_mpm_context_proto_other_packet

int32_t DetectEngineCtx_::sgh_mpm_context_proto_other_packet

Definition at line 1006 of file detect.h.

Referenced by DetectMpmInitializeBuiltinMpms(), DetectMpmPrepareBuiltinMpms(), and MpmStorePrepareBuffer().

◆ sgh_mpm_context_proto_tcp_packet

int32_t DetectEngineCtx_::sgh_mpm_context_proto_tcp_packet

Definition at line 1004 of file detect.h.

Referenced by DetectMpmInitializeBuiltinMpms(), DetectMpmPrepareBuiltinMpms(), and MpmStorePrepareBuffer().

◆ sgh_mpm_context_proto_udp_packet

int32_t DetectEngineCtx_::sgh_mpm_context_proto_udp_packet

Definition at line 1005 of file detect.h.

Referenced by DetectMpmInitializeBuiltinMpms(), DetectMpmPrepareBuiltinMpms(), and MpmStorePrepareBuffer().

◆ sgh_mpm_context_stream

int32_t DetectEngineCtx_::sgh_mpm_context_stream

Definition at line 1007 of file detect.h.

Referenced by DetectMpmInitializeBuiltinMpms(), DetectMpmPrepareBuiltinMpms(), and MpmStorePrepareBuffer().

◆ sgh_mpm_ctx_cnf

uint8_t DetectEngineCtx_::sgh_mpm_ctx_cnf

Definition at line 1033 of file detect.h.

Referenced by DetectEngineFrameMpmRegister(), DetectMpmInitializeAppMpms(), DetectMpmInitializeFrameMpms(), and DetectMpmInitializePktMpms().

◆ sig_array

Signature** DetectEngineCtx_::sig_array

Definition at line 950 of file detect.h.

Referenced by DetectEngineCtxFree(), DetectFlowbitsAnalyze(), IPOnlyMatchPacket(), RulesDumpTxMatchArray(), SigGroupHeadBuildMatchArray(), SigGroupHeadContainsSigId(), and SigPrepareStage1().

◆ sig_array_len

uint32_t DetectEngineCtx_::sig_array_len

Definition at line 951 of file detect.h.

Referenced by DetectFlowbitsAnalyze(), IPOnlyInit(), and SigPrepareStage1().

◆ sig_cnt

uint32_t DetectEngineCtx_::sig_cnt

Definition at line 942 of file detect.h.

Referenced by SigPrepareStage1().

◆ sig_list

Signature* DetectEngineCtx_::sig_list

Definition at line 941 of file detect.h.

Referenced by DetectEngineAppendSig(), DetectFirewallRuleAppendNew(), DetectSetFastPatternAndItsId(), FirewallAnalyzer(), SCSigOrderSignatures(), SigCleanSignatures(), SigFindSignatureBySidGid(), SigGroupBuild(), SigPrepareStage1(), SigPrepareStage2(), UTHPacketMatchSig(), and UTHPacketMatchSigMpm().

◆ sig_stat

SigFileLoaderStat DetectEngineCtx_::sig_stat

signatures stats

Definition at line 1102 of file detect.h.

Referenced by SigLoadSignatures().

◆ sigerror

const char* DetectEngineCtx_::sigerror

Definition at line 1025 of file detect.h.

◆ sigerror_ok

bool DetectEngineCtx_::sigerror_ok

Definition at line 1027 of file detect.h.

◆ sigerror_requires

bool DetectEngineCtx_::sigerror_requires

The rule errored out due to missing requirements.

Definition at line 1030 of file detect.h.

◆ sigerror_silent

bool DetectEngineCtx_::sigerror_silent

Definition at line 1026 of file detect.h.

◆ signum

uint32_t DetectEngineCtx_::signum

Definition at line 953 of file detect.h.

Referenced by DetectEngineResetMaxSigId(), and SigGroupBuild().

◆ sm_types_prefilter

bool* DetectEngineCtx_::sm_types_prefilter

per keyword flag indicating if a prefilter has been set for it. If true, the setup function will have to run.

Definition at line 1111 of file detect.h.

Referenced by DetectEngineCtxFree(), and PrefilterSetupRuleGroup().

◆ sm_types_silent_error

bool* DetectEngineCtx_::sm_types_silent_error

Definition at line 1112 of file detect.h.

Referenced by DetectEngineCtxFree(), and SigMatchSilentErrorEnabled().

◆ spm_global_thread_ctx

SpmGlobalThreadCtx* DetectEngineCtx_::spm_global_thread_ctx

Definition at line 986 of file detect.h.

Referenced by DetectContentConvertToNocase(), DetectContentSetup(), and DetectEngineCtxFree().

◆ spm_matcher

uint8_t DetectEngineCtx_::spm_matcher

spm matcher this ctx uses

Definition at line 937 of file detect.h.

◆ srep_version

uint32_t DetectEngineCtx_::srep_version

Definition at line 945 of file detect.h.

Referenced by SRepInit().

◆ srepCIDR_ctx

SRepCIDRTree* DetectEngineCtx_::srepCIDR_ctx

Definition at line 948 of file detect.h.

Referenced by SRepDestroy(), and SRepInit().

◆ tcp_priorityports

DetectPort* DetectEngineCtx_::tcp_priorityports

Definition at line 1068 of file detect.h.

Referenced by DetectEngineCtxFree().

◆ tenant_id

uint32_t DetectEngineCtx_::tenant_id

Definition at line 939 of file detect.h.

Referenced by DetectEngineGetByTenantId(), DetectEngineMTApply(), DetectEngineReload(), DetectEngineThreadCtxInitForReload(), SCThresholdConfParseFile(), SigLoadSignatures(), and SigPrepareStage1().

◆ tenant_path

char* DetectEngineCtx_::tenant_path

Definition at line 1132 of file detect.h.

Referenced by DetectEngineCtxFree().

◆ type

enum DetectEngineType DetectEngineCtx_::type

Definition at line 1053 of file detect.h.

Referenced by DetectEngineGetByTenantId(), DetectEngineGetCurrent(), DetectEngineMTApply(), DetectEngineReload(), DetectEngineThreadCtxInit(), DetectEngineThreadCtxInitForReload(), and PostConfLoadedDetectSetup().

◆ udp_priorityports

DetectPort* DetectEngineCtx_::udp_priorityports

Definition at line 1069 of file detect.h.

Referenced by DetectEngineCtxFree().

◆ version

uint32_t DetectEngineCtx_::version

version of the detect engine. The version is incremented on reloads

Definition at line 1013 of file detect.h.

The documentation for this struct was generated from the following file:

src/detect.h

Data Fields

Detailed Description

Field Documentation

◆ address_table

◆ app_inspect_engines

◆ app_mpms_list

◆ app_mpms_list_cnt

◆ base64_decode_max_len

◆ buffer_type_hash_id

◆ buffer_type_hash_name

◆ buffer_type_id

◆ byte_extract_max_local_id

◆ class_conf_ht

◆ class_conf_regex

◆ class_conf_regex_match

◆ config_prefix

◆ decoder_event_sgh

◆ dport_hash_table

◆ dup_sig_hash_table

◆ ea

◆ failure_fatal

◆ filedata_config

◆ filemagic_thread_ctx_id

◆ filestore_cnt

◆ firewall_rule_file_exclusive

◆ flags

◆ flow_gh

◆ fp_support_smlist_list

◆ frame_inspect_engines

◆ frame_mpms_list

◆ frame_mpms_list_cnt

◆ guess_applayer

◆ guess_applayer_log_limit

◆ inspection_recursion_limit

◆ io_ctx

◆ keyword_hash

◆ keyword_id

◆ last_reload

◆ loader_id

◆ max_fb_id

◆ max_uniq_toclient_groups

◆ max_uniq_toserver_groups

◆ metadata_table

◆ mpm_cfg

◆ mpm_ctx_factory_container

◆ mpm_hash_table

◆ mpm_matcher

◆ next

◆ non_pf_engine_names

◆ pattern_hash_table

◆ pkt_inspect_engines

◆ pkt_mpms_list

◆ pkt_mpms_list_cnt

◆ pre_flow_sgh

◆ pre_stream_sgh

◆ prefilter_hash_table

◆ prefilter_id

◆ prefilter_setting

◆ PreFlowHook

◆ PreStreamHook

◆ profile_keyword_ctx

◆ profile_keyword_ctx_per_list

◆ profile_match_logging_threshold

◆ profile_prefilter_ctx

◆ profile_sgh_ctx

◆ rate_filter_callback_arg

◆ RateFilterCallback

◆ ref_cnt

◆ reference_conf_ht

◆ reference_conf_regex

◆ reference_conf_regex_match

◆ requirements

◆ rule_file

◆ rule_line

◆ sc_sig_order_funcs

◆ sgh_array

◆ sgh_array_cnt

◆ sgh_array_size

◆ sgh_hash_table

◆ sgh_mpm_context_proto_other_packet